Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer
16-July-24
An advanced persistent threat (APT) group known as Void Banshee has been exploiting a zero-day vulnerability in Microsoft’s MHTML browser engine (CVE-2024-38112) to spread the Atlantida information stealer. This flaw, recently addressed by Microsoft, allows attackers to deliver the stealer via spear-phishing emails containing malicious URL files. The attack chain involves executing a Visual Basic Script through a compromised HTML Application, ultimately deploying Atlantida to steal sensitive data from various applications.
